You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Alejandro Fernandez GonzalezAF

Alejandro Fernandez Gonzalez

Lead Auditor ISO 42001 + ISO 27001 (AENOR) · vCISO

€400/day
Oviedo, ES
3-7 years
Cybersecurity
ISO 27001
ISO 42001
Information Security
Governance, Risk and Compliance

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Alejandro

I am Alex,ISO 42001 and 27001 Lead Auditorcertified by AENOR, with a senior profile in compliance and cybersecurity. Master's inArtificial Intelligence. (Available in person throughout Europe)

I currently lead cybersecurity and regulatory compliance in a technology company of +120 employees.

Some measurable things that define me:

  • **2 consecutive external ISO 27001 audits with 0 Non-Conformities**, led by me from start to finish (including the first one just 2 months after joining, starting from zero documentation).
  • I also conductinternal ISO audits27001, so the company does not need external consultants.
  • **Full deployment of the Microsoft Security stack in production**: Defender for Endpoint (lvl 2), Sentinel (SIEM), Intune (MDM), Purview (DLP) and Entra ID — for +120 employees.
  • Automation with proprietary AI of cybersecurity and compliance processes:Defender alerts, Purview, security ticket management — massive savings in time and operational cost.
  • Corporate Contingency Plan validated in real production during the national blackout of May 2025(not in a simulation).
  • ISO/IEC 42001 Lead Auditor (AI Management Systems)— a scarce profile in Spain, I am one of the first to obtain this certificate; combined with myMaster's in AI.
My approach: to turn regulatory complexity (ISO 27001, ISO 42001, NIS2, ENS, GDPR) into practical systems that work in daily life, not just on paper.

+33 verifiable accumulated certifications(AENOR, Microsoft, Cisco, AWS, Harvard, IBM, and others). Computer Engineering (UOC)

Available for occasional or continuous collaborations (fractional vCISO). Languages: native Spanish, certified English C1.
Consulting and Audits
IoT (Internet of Things)
Digital and IT Services
Telecommunications

  • Spanish

    Native or bilingual

  • English

    Fluent

  • Russian

    Basic

Can work on-site
Oviedo (up to 50km), Barcelona (up to 50km), Madrid (up to 50km), Sevilla (up to 50km)

Experience

  • Process Control Tech
    Head of Cybersecurity, Compliance & Project Management
    March 2025 - Today (1 year and 3 months)
    • I lead the corporate ISMS as Information Security Officer, ensuring alignment with ISO 27001, ENS, and NIS2.
    • I led the first external ISO 27001 audit with zero non-conformities, designing the entire process from documentary restructuring to risk analysis and final audit.
    • Full deployment of the Microsoft Security stack: Defender for Endpoint (level 2), Sentinel as SIEM, Intune for device management, and Purview for DLP, all integrated with Entra ID in production at the corporate level.
    • Cybersecurity and Compliance layer enhanced with AI: integrating Claude Code, Microsoft Copilot, and proprietary automations into daily ISMS, governance, and SOC operations, with measurable reductions in evidence writing, alert triaging, policy review, and executive reporting.
    • I personally conduct internal audits as ISO 27001 Lead Auditor (AENOR): first 100% internal cycle in 2026, eliminating external consultancy and passing the DNV external audit with zero non-conformities.
    • I supervise the IT department (1:1 monthly, performance KPIs, continuous team improvement).
    • I develop information security and governance procedures, policies, and frameworks.
    • I hired, onboarded, and supervise 4 systems technicians recruited in 2 months.
    • I report directly to management on risk mitigation, compliance status, and department performance.
    Microsoft Intune Microsoft Entra ID Cybersecurity ISO 27001 Lead Auditor ISO 27001
  • Process Control Tech
    Cybersecurity Officer
    January 2025 - March 2025 (2 months)
    • • Managed ISMS operations and internal audits as part of the ISO 27001 implementation phase.
    • • Supported risk assessment, risk treatment planning, and SoA documentation.
    • • Contributed to vulnerability assessments and compliance monitoring activities.
    ISMS ISO 27001 Lead Auditor Information Security Management
  • Process Control Tech
    Systems Technician
    October 2024 - January 2025 (3 months)
    • • Provided technical support and system optimization, with a focus on Odoo and internal tools.
    • • Supported early ISO 27001 implementation tasks and documentation management.
    • • Collaborated with multiple departments to align technical operations with security requirements.
    ISO 27001 Lead Auditor Information Security Management Cybersecurity Compliance
Check out Alejandro's experience

Recommendations

Jordi RodríguezJR
EG
Jordi Rodríguez and 1 other person have recommended Alejandro

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • MSc
    MSc
  • Computer Engineering
    Universitat Oberta de Catalunya
    Computer Engineering
Check out Alejandro's education

Certifications

  • ISO 27001 Lead Auditor
    AENOR
    2025
  • ISO 42001 Lead Auditor
    AI Management System
    2026
Alejandro's certifications are only visible to Malt Community members

Skill set

ISO 27001
ISO 27001 Lead Auditor
ISO 42001
NIS2
GDPR
vCISO
Microsoft Sentinel
Microsoft Defender
Microsoft Purview
Microsoft Intune
Microsoft Entra ID
Risk Management
AI Governance
ISMS
Pentesting
SIEM
Cybersecurity
Compliance
DLP
Audit
Information Security Management

Categories